USN-4215-1: NSS vulnerability
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 16.04
Description
It was discovered that NSS incorrectly handled certain certificates. An attacker could possibly use this issue to cause a denial of service.
CVEs contained in this USN include: CVE-2019-17007
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
-
Pivotal Operations Manager
- 2.7.x versions prior to 2.7.8
- 2.6.x versions prior to 2.6.18
- 2.5.x versions prior to 2.5.26
-
Pivotal Greenplum for Kubernetes
- All versions prior to 1.11.0
Mitigation
Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include:
-
Pivotal Operations Manager
- 2.7.8
- 2.6.18
- 2.5.26
-
Pivotal Greenplum for Kubernetes
- 1.11.0